During the March 4th 2020 Dallas MuleSoft Meetup , we had a great discussion about the various layers of API security. There was a lot of interaction and excellent questions regarding the first layer of security and how API security at the gateway itself works. Many in attendance were familiar with this concept and have already implemented this level of security in some form.

When talking about the next layer of security using webapplication firewalls (WAF), more people showed interest in the typical “bestpractice” API security implementation and were curious how it protects againstOWASP top 10 and similar attacks.

Finally, there was intense interest in the third layer ofsecurity, using an AI engine with Ping Intelligence to model the behavior onAPIs to prevent and block attacks. The discussion included many great questionson how the machine learning capability models the behavior of the API.

Overall, I noticed that in Dallas there were many organizations who had either implemented robust API security on the gateway or using WAFs. These organizations were ready to explore the third layer of security because their organization has many APIs developed and implemented and are familiar with security best practices. They were in the right position with their API footprint and API security to explore the third layer, which involves using something like Ping Intelligence. Interested in other API security articles? Click here.